Formal Methods in Software Engineering

Code:

EIC0039

Acronym:

MFES

Keywords
Classification	Keyword
OFICIAL	Software Engineering

Instance: 2010/2011 - 1S

Active?	Yes
Web Page:	http://paginas.fe.up.pt/~apaiva/teach/1011/MFES.htm
E-learning page:	http://moodle.fe.up.pt/
Responsible unit:	Department of Informatics Engineering
Course/CS Responsible:	Master in Informatics and Computing Engineering

Cycles of Study/Courses

Acronym	No. of Students	Study Plan	Curricular Years	Credits UCN	Credits ECTS	Contact hours	Total Time
MIEEC	0	Syllabus	4	-	6	56	162
			5
MIEIC	141	Syllabus since 2009/2010	4	-	6	56	162

Teaching language

Suitable for English-speaking students

Objectives

1- BACKGROUND
Students should have knowledge about software processes and software modelling.
2- SPECIFIC AIMS
To develop abstraction capabilities in order to describe what the system should do and not the way to do it. Be familiar with formal methods and the way they can contribute to increase the quality of software systems.
3- PREVIOUS KNOWLEDGE
Software engineering; Computing Theory; Algorithm design and analysis.
4- PERCENT DISTRIBUTION
Scientific component:50%
Technological component:50%
5- LEARNING OUTCOMES
At the end of the course students should be able to:
- Apply formal methods of specification (based on models, based on properties, based on behavior) and verification ("Model-checking, formal proofs and test) in the development of software systems.
- Identify existing formal methods and know when they should be applied and which are most suitable in each case.

Program

1. Introduction
What are formal methods?
Importance and applicability of formal methods in the development of software
Life cycle models and software development processes by incorporating formal methods.
Specification, refinement, implementation, verification and validation
Classification of formal methods
Explicit vs. implicit models, executable vs. non-executable
Formal verification techniques

2. Alloy Constraint Analyser for modelling and semantic analysis
Declarative modelling
Difference related to model checking
Alloy commands
Functions; predicates; facts; assertions and verifications (checks)
Static vs. dynamic modelling
Simulation of an operation
Check safety properties
Alloy analyser tool

3. Logic and model checking
Propositional, predicate, linear temporal (LTL) and computer tree logic (CTL)
State representation
Model checking:
- properties: safety, fairness, liveness, universality, possibility, absence, response, precedence
- The state explosion problem (techniques to diminish the problem): Symbolic state; bounds; on-the-fly; Partial Order Reduction (POR); abstraction

4. Model Based Specification
VDM-SL and VDM++ languages
Data representation based on mathematical structures (sets, sequences, finite functions)
State and non-state specification
Definition of types, values and functions
Definition of classes, instance variables and operations
Expressions and instructions
Design-by-contact: definition of invariables, preconditions and postconditions
Description of algorithms, executable specifications
Analysis of specification consistency
Connection of VDM++ to UML
Code generation from a formal specification
VDMTools

5. Formal proofs
Application of Hoare’s logic to algorithm correction
Gallina specification language: types of expressions, propositions and proofs; inductive data types; proof and automation tactics; inductive predicates
Program Correctness Proof
Coq, Caduceus, JAPE and Krakatoa

Mandatory literature

Daniel Jackson; Software Abstractions, MIT Press, 2006. ISBN: 0-262-10114-9
Fitzgerald, John; Validated designs for object-oriented systems. ISBN: 1-85233-881-4
Richard Bornat; Proof and Disproof in Formal Logic, Oxford University Press, 2005. ISBN: 0-19-8530269
B. Bérard; M. Bidoit; A. Finkel; F. Laroussinie; A. Petit; L. Petrucci; Ph. Schnoebelen; P. McKenzie; Systems and Software Verification - Model Checking Techniques and Tools, Springer, 2001. ISBN: 3-540-41523-8

Complementary Bibliography

Clarke, Jr., Edmund M.; Model checking. ISBN: 0-262-03270-8
Fitzgerald, John; Modelling systems. ISBN: 0-521-62605-6
Alagar, V. S.; Specification of software systems. ISBN: 0-387-98430-5

Teaching methods and learning activities

Theoretical classes will be based on the presentation of the themes of the course.
Practical classes will be based on exercises, so that students can contact with the various tools available and to do their assignments.

Software

JAPE
Alloy Analyzer
VDMTools

keywords

Technological sciences > Engineering > Computer engineering
Technological sciences > Technology > Computer technology > Software technology

Evaluation Type

Distributed evaluation with final exam

Assessment Components

Description	Type	Time (hours)	Weight (%)	End date
Attendance (estimated)	Participação presencial	56,00
Exams	Exame	6,00		2011-02-11
Practical work	Trabalho escrito	40,00		2010-11-27
	Total:	-	0,00

Amount of time allocated to each course unit

Description	Type	Time (hours)	End date
Individual study	Estudo autónomo	40	2011-02-11
Study for realization of practical work	Estudo autónomo	20	2010-11-26
	Total:	60,00

Eligibility for exams

Students have to reach a minimum mark of 45% in the continuous assessment component.
The presence in the practical classes is recorded and mandatory according to existing legislation.

Calculation formula of final grade

Final Mark will be based on the following components:
a) Open book exam – 2h 30m (50% of the final mark) – minimum mark of 45% (E)
b) Continuous assessment (50% of the final mark)
- Practical assignment, which is worth 25%- minimum mark of 45% (P1)
- Practical assignment, which is worth 25%- minimum mark of 45% (P2)

Final grade: E*45% + P1*25% + P2*25%

Comment: The difference between Final Mark and the mark of the exam cannot be higher than 3 points. It will be adjusted if it is.

Examinations or Special Assignments

Practical assignment of Alloy:
- Delivery up to 23:00 on the 15th October;
- Defense of the work during the practical lessons of the week 18-22 October.

Practical work of VDM:
- Delivery by 23:00 on the 26th November;
- Defense of practical work during the practical lessons of the week 29 Nov -3 Dec.

The defense of practical work is mandatory for ALL students.

Special assessment (TE, DA, ...)

Students excused from attendance at practical classes should contact the teacher for special sessions of follow up.

The defense of practical work is mandatory for ALL students.

Classification improvement

Students can improve the mark of their exams by attending a new exam at recurso season.
Students can only improve the mark of the continuous assessment component in the following year.